diff options
author | Binbin <binloveplay1314@qq.com> | 2023-04-13 09:23:00 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-12 18:23:00 -0700 |
commit | f3e16a1a1eac082aa3c54f24eaada3f6bbbd808c (patch) | |
tree | 8653a22334fd750e774cca899b0d97b2685514e7 /src | |
parent | 810ea67b5b448feb087334461c36c63d4b81577b (diff) | |
download | redis-f3e16a1a1eac082aa3c54f24eaada3f6bbbd808c.tar.gz |
Print IP and port on Possible SECURITY ATTACK detected (#12024)
Add a print statement to indicate which IP/port is sending the attack. So that the offending connection can be tracked
down, if necessary.
Diffstat (limited to 'src')
-rw-r--r-- | src/networking.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/networking.c b/src/networking.c index 574773b37..f633b41a4 100644 --- a/src/networking.c +++ b/src/networking.c @@ -3615,7 +3615,13 @@ void securityWarningCommand(client *c) { time_t now = time(NULL); if (llabs(now-logged_time) > 60) { - serverLog(LL_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted."); + char ip[NET_IP_STR_LEN]; + int port; + if (connAddrPeerName(c->conn, ip, sizeof(ip), &port) == -1) { + serverLog(LL_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted."); + } else { + serverLog(LL_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from %s:%d aborted.", ip, port); + } logged_time = now; } freeClientAsync(c); |